Cyber attack hit the Italian oil and gas services company Saipem

Some of the servers of the Italian oil and gas services company Saipem were hit by a cyber attack early this week.

Saipem has customers in more than 60 countries, including Saudi Arabian oil and gas giant Saudi Aramco. It could be considered a strategic target for a broad range of threat actors.

The attack has been identified out of India on Monday and primarily affected the servers in the Middle East, including Saudi Arabia, the United Arab Emirates, and Kuwait.

Main operating centers in Italy, France and Britain had not been affected.

The attack affected only a limited number of servers in its infrastructure, Saipem said it is working to restore them using backups, a circumstance that could suggest that a ransomware hit the company.

Saipem told Reuters the attack originated in Chennai, India, but the identity of the attackers is unknown.

“The servers involved have been shut down for the time being to assess the scale of the attack,”Saipem’s head of digital and innovation, Mauro Piasere, told Reuters.

“There has been no loss of data because all our systems have back-ups,” he added.

The Italian oil services company Saipem was hit by a cyber attack, it confirmed the event but has shared a few details about the attack.

“We have no proof of the origins or reasons for the attack, though this is being investigated,” a Saipem spokesperson said via email.

“We are collecting all the elements useful for assessing the impact on our infrastructures and the actions to be taken to restore normal activities,” the firm said in a statement.

At the time it is impossible to attribute the attack, it is not clear is the company faced a targeted attack or if was hit in a broader campaign carried out by threat actors.

We cannot exclude that attackers hit the company to target its business partners too, for example, Saudi Aramco that suffered Shamoon attacks in 2012 and 2016.

Saipem told media it was reporting the incident to the competent authorities.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – energy industry, cyber attack)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.